Online Security News Endwall 07/07/2016 (Thu) 06:09:23 [Preview] No. 149 [Reply] [Last 50 Posts]
See a news article or CVE bug report on an emerging computer security issue and want to share it? Post below.

I will also post links to Hak5 Threatwire videos.
Edited last time by Endwall on 07/07/2016 (Thu) 16:22:47.
496 posts and 3 images omitted.

Endwall 01/29/2020 (Wed) 05:35:56 [Preview] No.1517 del
Honeypot ICS Network Tricks CyberCriminals - ThreatWire [Embed]
Published:28 Jan 2020 Duration:10:04

MO8EXXWA MO8EXXWA 08/02/2020 (Sun) 17:58:20 [Preview] No.1558 del

PZWO0JKMC PZWO0JKMC 08/02/2020 (Sun) 18:00:28 [Preview] No.1559 del

(629.06 KB 2500x1870 1592011187437.jpg)
Dynamic vs Static IP Anonymous 07/31/2020 (Fri) 06:15:32 [Preview] No. 14287 [Reply] [Last 50 Posts]
I really want to host a web server at home, and I was recently thinking about switching from my dynamic IP to a static IP to not have to use this dynamic IP domain crap.Is it worth it?

(28.39 KB 474x266 dios.jpeg)
Richard Stallman Anonymous 07/28/2020 (Tue) 21:31:19 [Preview] No. 14282 [Reply] [Last 50 Posts]
make u prayer to our Lord

Anonymous 07/28/2020 (Tue) 21:35:19 [Preview] No.14283 del
Linus is better than him tbh

Anonymous 07/28/2020 (Tue) 21:53:22 [Preview] No.14284 del
Richard is better than Linus tbh

Anonymous 07/30/2020 (Thu) 05:09:18 [Preview] No.14285 del
Terry is better than Richard and Linus.

Anonymous 07/31/2020 (Fri) 04:39:54 [Preview] No.14286 del
They're all gay really.

Boss of the DeepWeb ? Anonymous 07/28/2020 (Tue) 22:02:12 [Preview] No. 1556 [Reply] [Last 50 Posts]
While just browsing some link directories, I saw a link titled

"Boss of the Deepweb"

Not sure what it is, little sketched out.

Anybody know what the site is ?

Endwall 07/29/2020 (Wed) 22:24:29 [Preview] No.1557 del
Do you have a link?

This isn't really a security privacy or anonymity issue, maybe it's an onion site so it has something to do with anonymity...? I've never heard of this site. I have removed the picture you posted, it was on the line / grey area of the posted rules (NSFW).
Edited last time by Endwall on 07/29/2020 (Wed) 22:30:25.

(141.00 B 225x150 logo.png)
Let's share our RetroShare keys.

If you're not using RetroShare, you can download it at: (get the desktop/laptop version, Linux users should use .appImage)

Source code at:

Here is my key:


Message too long. Click here to view full text.

Anonymous 05/27/2020 (Wed) 18:13:52 [Preview] No.14202 del
Pidgin is better.

Anonymous 06/15/2020 (Mon) 20:31:52 [Preview] No.14248 del
If you're interested in a distributed file sharing network with chat and mail capabilities, then also add the people over at:

Anonymous 07/28/2020 (Tue) 05:33:33 [Preview] No.14281 del

(7.71 KB 308x306 mono_black.png)
A fresh start - META THREAD Nodev 07/24/2020 (Fri) 21:32:14 [Preview] No. 1116 [Reply] [Last 50 Posts]
Dear nodevs,
As part of an ongoing struggle to maintain board culture and keep its best example alive, I have taken over ownership of this, yet another agdg bunker. As always, the board is a place to archive your progress and discuss all matters related to gamedev. This thread is for discussing the state of 8/agdg/ as a whole and planning for a more permanent place for us - especially with the ongoing removal of further boards hosting our bunkers.
If you have any banners for the board, feel free to submit them here. They will be also used on other bunkers.

1. Follow the global rules (
2. Spoiler nsfw images and videos

The constantly updated list of ongoing threads and active agdg boards is available here:
We will prevail.

Nodev 07/25/2020 (Sat) 17:42:03 [Preview] No.1117 del
>never ending exodus
It is so tiring anons...

Nodev 07/27/2020 (Mon) 16:20:48 [Preview] No.1119 del
treat this place as a fallback, like the board on that's a ghost town

(20.69 KB 541x167 my2020census.jpg)
I Don't Run Javascript Anonymous 03/20/2020 (Fri) 19:21:36 [Preview] No. 14056 [Reply] [Last 50 Posts]
Instead of going out of the way and making extra unnecessary effort to write a garbage fail web site, why not stick with standard HTML forms and POST and always Just Work on any fucking browser made in the last 20 years?
34 posts and 6 images omitted.

Anonymous 07/10/2020 (Fri) 09:54:12 [Preview] No.14256 del
(133.31 KB 550x301 1995-pizza-dot-net.jpg)
>I can sit on my lazy ass, order and pay for a pizza online and have it delivered to my house within an hour without having to stand up once
Sandra Bullock could do this back in 1995 without having to load 50MBs worth of JavaShit.

Anonymous 07/15/2020 (Wed) 20:43:35 [Preview] No.14262 del
We wouldn't care about malware running in the browser if browsers adapted to current times and were turned into real VMs

Anonymous 07/21/2020 (Tue) 05:16:29 [Preview] No.14270 del
It's called a LAMP stack you stupid nigger.

Anonymous 07/25/2020 (Sat) 23:08:49 [Preview] No.14279 del
I filled out the paper Census form instead.
I also file paper tax forms.

js sucks, but it's not the main issue. The main issue is that citizens should be able to comply with the law without needing a computer. My worry is that paper forms for stuff like this will no longer be used in 10-20 years.

Anonymous 07/26/2020 (Sun) 06:35:30 [Preview] No.14280 del
Public library has computers, so you can do government required stuff there.

(81.95 KB 714x468 acronis_fail.jpg)
Anonymous 11/25/2019 (Mon) 00:27:21 [Preview] No. 13939 [Reply] [Last 50 Posts]
Western Digital used to make their own tools and utilities for their products, but now they're doing the third-party marketing-partnership fail dance with this sorry sack of shit. Instead of writing a basic utility to clone data from a competitor's drive to theirs, Western Digital puts a download link to this trial-version network-activation Acronis bullshit with a "30 day grace period" and whatnot, and then it doesn't even see the drive that is right there.

Instead of doing work, it's become all too common to look for a "win-win" partnership of some kind. If I adopted this line of thinking, then maybe instead of writing a couple paragraphs of text to post to an imageboard, I could "partner" with someone else to write them for me, and in exchange they could casually mention that if you're not quite up to typing something today, you can always swing by and we can work out a mutually beneficial deal!

I booted up under Linux and used dd like I should've in the first place. Fuck you Acronis, and fuck you for using them, Western Digital. Your drive better not start clicking like the brand new Seagate just did.
2 posts omitted.

Anonymous 11/26/2019 (Tue) 15:04:56 [Preview] No.13945 del
>Congratulations on catching on

Fuck you in the ass with a ten-penny-nail-augmented baseball bat you condescending fuckwad. People whose code has run in ferrite-core machines have multiple computers and all flavors of OSes, even if they'd like to see gates and ballmer dead in a plane crash.

Anonymous 04/16/2020 (Thu) 13:19:54 [Preview] No.14092 del
Macrium Reflect is free for home use with no account required. It's the only "just works" solution I've found to full disk cloning and bootable backup creation on Winblows. It's also OEM agnostic unlike whatever horse shit you've been jewed into using. Try it out and thank me later, boomer.

This. Unix tools are generally superior.

Anonymous 05/04/2020 (Mon) 13:36:25 [Preview] No.14125 del
Solid choice on avoiding license-cuck software. I'd recommend clonezilla as a general use "cloning" util (aka sparse imaging) since it is filesystem aware and won't take as long for drives that aren't completely full and probably work better for inexactly matching drives.

Just hope your new drive isn't SMR since WD and Seagate are sneaking these fake drives into lots of product lines including the raid marketed WD reds.

Anonymous 07/22/2020 (Wed) 05:55:46 [Preview] No.14272 del
U mad.jpg

Anonymous 07/24/2020 (Fri) 15:33:44 [Preview] No.14278 del
Good catch. That WD is an SMR drive according to WD's listing. The equivalent 2tb blue model that isn't a fraud is the wd20ezrz.

I can also recommend clonezilla.

(11.34 KB 233x217 thinking-computer.jpeg)
Imageboard protection Anonymous 07/16/2020 (Thu) 09:13:43 [Preview] No. 14263 [Reply] [Last 50 Posts]
When creating an imageboard site, how do you:
1. Protect it against severe Layer 7 DDoS attacks (which are far more complicated to fight than the normal Layer 4 attacks because VPS providers only protect against the latter) without relying on Cloudflare shit
2. Protect it against spammers who use a script utilizing a paid captcha solving service, rendering (built-in) captcha protections useless
I've thought about this a long time myself and even asked imageboard software devs themselves but nobody knows an effective solution. I guess Layer 7/application layer DDoS attacks (which use the URL, not the IP) could be prevented by going .onion-only (which means it'll never become a busy site) but that still leaves the spamming problem.

Anonymous 07/16/2020 (Thu) 10:12:59 [Preview] No.14264 del
>but that still leaves the spamming problem
Set TPH limit, captcha per post, wordfilters.
Captcha at meguca is unsolvable by bots and you need to click anime characters.
Don't have /b/, /v/ or /pol/ and also don't have custom board creation.

Anonymous 07/16/2020 (Thu) 16:35:03 [Preview] No.14265 del
>Set TPH limit
You can spam random existing threads.
>captcha per post
See OP.
Random strings can be spammed.

Anonymous 07/19/2020 (Sun) 16:01:57 [Preview] No.14267 del
Websites are the mistake.

Anonymous 07/22/2020 (Wed) 05:56:30 [Preview] No.14273 del
What solution do you propose?

Anonymous 07/24/2020 (Fri) 07:53:32 [Preview] No.14277 del
Older and simpler protocols that don't have the overhead of http, and that are much easier to write clients & servers for, and where those clients & servers can run comfortably on archaic/weak hardware that isn't full botnet garbage with bloated modern cuck OS on top of it.
And something that doesn't fail when connections timeout and host isn't reachable. NNTP is a good example here. You can make batch transfers instead of needing an active connection to a server, and the whole thing is a store & forward network, so even if some servers get DoS'd, the system is still running. The cunts would have to DoS the entire network that's distributed accross many countries and backbones, so they will just waste their time if they try. And there's also the option of doing out-of-band batch transfers (not on the regular network) to mitigate DoS at any particular node. Since the medium is text and it doesn't use much diskspace or bandwidth, you have a lot of options for viable alternative OOB solutions. That way you can keep nodes up-to-date even while they're being DoS'd, and when the cunts switch to DoS'ing a different server, the one they just left can come back online fully ready.

(104.31 KB 1242x828 Freenetscreenshot.png)
Freenet gateway Anonymous 04/12/2020 (Sun) 19:52:55 [Preview] No. 14077 [Reply] [Last 50 Posts]
Hey /tech/. I've made an open Freenet proxy. No censorship or whitelist, you can browse everything.

Anyone who wants to try it and give some feedback?
4 posts and 1 image omitted.

Anonymous 05/12/2020 (Tue) 15:48:19 [Preview] No.14146 del
let me guess... glowmail??

Anonymous 05/21/2020 (Thu) 18:47:40 [Preview] No.14176 del
Site down!

Invalid key: There is no @ in that URI! (freenet/)

Anonymous 05/23/2020 (Sat) 15:47:54 [Preview] No.14194 del
Remove the / at the end.

Anonymous 07/22/2020 (Wed) 05:59:32 [Preview] No.14274 del
Good luck. Freenet does not tunnel through the regular internet for a reason.

Anonymous 07/23/2020 (Thu) 06:29:29 [Preview] No.14276 del
(110.50 KB 696x464 varg-vikernes.jpg)
Stop using pedonet

New sheriff in town Anonymous Board owner 05/21/2020 (Thu) 10:11:39 [Preview] No. 14174 [Reply] [Last 50 Posts]
Hi guys, I'm the new board owner.
I claimed this board because it was dead and there aren't that many alt /tech/ boards on the intertubes.
I'm planning on bringing new life to this board, shilling it a little here and there.

But enough about me; what do you think of this board? Any change you would like to see? I already removed all the bans and the captcha and stuff like that.
29 posts and 6 images omitted.

Anonymous 06/10/2020 (Wed) 17:36:07 [Preview] No.14247 del
doesnt existsts
post freely your nsa leaks on this cia-owned board via cpnet.
t. tranny Lenny

sage sage 06/20/2020 (Sat) 22:56:49 [Preview] No.14252 del
Why would it matter?

Anonymous Board owner 07/06/2020 (Mon) 01:16:35 [Preview] No.14253 del
Is there a Tor ban?

Anonymous 07/16/2020 (Thu) 19:23:15 [Preview] No.14266 del
ask the owner to fix the retarded loading when you hover over quotes
change the default theme to EndGD, I think we can all agree it's superior

Anonymous 07/22/2020 (Wed) 23:13:38 [Preview] No.14275 del
This board isn't all that bad

(394.49 KB 1100x582 guardpost.gif)
Darkweb Intro Anonymous 08/15/2019 (Thu) 12:03:20 [Preview] No. 13454 [Reply] [Last 50 Posts]
Alright, could anyone give me a basic bitch primer on dark web for little babbies? My knowledge at the moment is limited to Tor, and the onion addresses for the hidden wiki, and the onion address for Endchan. I'm starting to realize given how every site I liked has been shut down, switched domains, DDOSed, put on watchlists, or made 'registration only' on clearnet channels (a sidenote: I would have thought this would have happen to the porn sites I visit, but oddly enough, those are A-OK on clearnet) that I need to go ahead and plan for the future and just move whole-hog to Dark Web. To those who wil say I'm a little late to figuring this out: you're right. Here's what I would like if anyone can supply it:

- What are all the darkweb channels? Tor, I2P, Zeronet, I missing any?
- Any basic tips on general usage/quickstarts for each channel. Pros/cons of each.
- Good starter websites for each. I'm particularly interested in news/forums, and any libertarian websites.

Thank you very much m(_ _)m
1 post omitted.

Anonymous 08/15/2019 (Thu) 23:59:51 [Preview] No.13467 del
Check for dark web links

Anonymous 10/25/2019 (Fri) 15:52:09 [Preview] No.13864 del
Did you read the OP? Clearly not.

So Tor is basically the most secure because it's the most supported by non fed routers, that said there are enough owned routers to establish a complete chain on fed routers to locate a hidden server. So Tor really only protects users but services are still vulnerable. That's why anons are scrambling to establish a platform that's decentralised to stop censorship. However no anons want to host that shit just in case they get in trouble or are the one to be made an example of. To say Usenet and other newsgroups have run strong since fucking forever it really makes us look like a bunch of dumbshits. NNTPchan was an effective step in that direction but the format and non-centralised nature of it seemed to put off the less technical.
So basically, until hosting has been figured out it's easier to just use Tor to browse clear web.

Anonymous 10/25/2019 (Fri) 21:30:23 [Preview] No.13865 del
Sorry for lack of knowledge, but how do you actually use NNTPchan? I don't know if you need to run a node or not to actually use it, or if there is some other method for getting onto it.

Anonymous 07/22/2020 (Wed) 05:54:10 [Preview] No.14271 del
Save time and go straight to Freenet.

QTDDTOT Anonymous 05/26/2019 (Sun) 04:36:45 [Preview] No. 13329 [Reply] [Last 50 Posts]
Mod please sticky this. Eat fifty dicks

I have Tor Browser which runs its own Tor instance. I also have Tor explicitly installed on my Linux system. Should I start up and run the Tor service in addition to using the Tor Browser, even though I technically don't need to? Is this more secure and robust and, if so, why?
Edited last time by _ on 08/05/2019 (Mon) 18:21:34.
71 posts and 9 images omitted.

Anonymous 04/19/2020 (Sun) 01:37:40 [Preview] No.14096 del
Henlo, tech support for this would be much appreciated:
So, I'm browsing endchan onion style and have come across an annoying issue: setting the color only works for one tab. Open a link in new tab, and it's back to Yotsuba B.
Now, obviously this is happening because tor browser, I get it. But, I was wondering if any of you have some cool methods of bypassing this issue. Any ideas?

Anonymous 04/26/2020 (Sun) 05:31:41 [Preview] No.14108 del
Is 4chan compramised do they investigate the people whom use it safe to raw dag any chan.who to use a chan without being v&

help me help 05/03/2020 (Sun) 16:00:41 [Preview] No.14124 del
app to format everything on android and leave no trace??

Anonymous 07/20/2020 (Mon) 19:49:32 [Preview] No.14268 del
(643.60 KB 1398x925 1497038477452.png)
if I want to run a home server for e-mail and streaming a video from the server to say my ps3 or something, do I need anything special? is there a good guide for retards? I have a spare computer and I'm tempted to run a debian server on there but don't really know what to do past that.

any tips or pointers or links to related materials would be helpful and appreciated. and trust me when I say I'm retarded and don't know where to start.

Anonymous 07/20/2020 (Mon) 22:49:04 [Preview] No.14269 del
i would just make a designated folder an open directory tied to my local ip address. anyone on wifi can access the folder. There is a python program to do this

Youtube Replacements Endwall 06/11/2016 (Sat) 08:29:50 [Preview] No. 78 [Reply] [Last 50 Posts]
Google engages in sophisticated datamining of your video viewership. Youtube is also a prism service provider.

List any substitutes for youtube for use with youtube-dl or endtube below:
38 posts omitted.

Anonymous 03/11/2019 (Mon) 03:43:53 [Preview] No.1380 del
Oh shit I thought it was fine because often I always see in any privacy sort of discussion various people basically concern trolling and saying "tor is comped" and whatnot. That back and forth is so common I thought it would be ok to have that stream of conciousness.
Will post on /h4x0r/ but I am not even a skid so now its migrating info into the point I will fuck that up too. I tried enjoy the info and thank you so much for sharing the info you find sporadically. Not to mention the endwall repo and hidden service,

If i am not mistaken this board all of it started from you dumping your tips on /tech/. It was a derailment a burst I shot my load too in this thread so I thought it was in the flavor of it all but I am a BO too so I understand keeping it orginized lel.

Endwall 07/13/2020 (Mon) 02:40:39 [Preview] No.1553 del
$ endget "http://4l2dgddgsrkf2ous66i6seeyi6etzfgrue332grh2n7madpwopotugyd.onion/search?q=RC2014&page=2" -O webpage2.html.gz
$ endget "http://4l2dgddgsrkf2ous66i6seeyi6etzfgrue332grh2n7madpwopotugyd.onion/search?q=RC2014&page=3" -O webpage3.html.gz
$ gunzip *.gz

You need the quotes for it to work, but this is an acceptable method for searching for youtube videos from the terminal. I've also made a tool called that performs a search using youtube-dl from the command line behind torsocks. Forked from tubesearch. Available in the usual locations.

Endwall 07/18/2020 (Sat) 20:50:09 [Preview] No.1554 del
Once you download the webpage, search for video links like so:
$ grep "watch?v=" rc2014pg1.html
read the titles choose the video and then launch endtube.

Anonymous 09/19/2018 (Wed) 14:35:43 [Preview] No. 12870 [Reply] [Last 50 Posts]

posting via it rn
26 posts and 3 images omitted.

Anonymous 04/01/2019 (Mon) 16:54:51 [Preview] No.13249 del
Is this really that easy to setup?
I compiled the thing and followed the guide.
While it seems to work, I can't connect to any .loki address, even the test one from the guide.
It just keeps exploring the network and then throwing "invalid pkt".
I dunno, maybe i'm just retarded, but I can't get this thing to work.

Anonymous 06/30/2019 (Sun) 21:28:01 [Preview] No.13354 del
Ok, update. I finally got it to work sometime ago and i got to visit only 2 sites (links to anything else don't work, but maybe it's because of constantly changing things between releases, so whatever). But I wanted to test if i can stream some video over this and ffs i can't connect to the server no matter what. They're literally running the same code from master and dns just can't find the address (i've followed the guide on lokidocs and everything works locally and through i2p, so it's not my end). Also accessibility of other addresses like the wiki is spotty at best, so I hope it's just because of the early stages of your work, otherwise it's just a broken piece of shit.

Anonymous 07/11/2020 (Sat) 22:48:34 [Preview] No.14257 del
for the record, some dumb shits at CCC used a screenshot of this thread as "proof" that loki project and 8chan "Colluded" or something fucking gay i dont even fucking know.

rin 07/11/2020 (Sat) 23:04:27 [Preview] No.14258 del
Semi apology accepted Wladimir Palant,
Just apologize to Jeff personally, don't trust people, and always verify everything.

FYI, 3C36 has been confirmed to abuse members and cult, which is why I didn't go this year, or following ones:

Imageboards are great aren't they?

Anonymous 07/12/2020 (Sun) 17:27:54 [Preview] No.14260 del
CCC died years ago like many other hacker conferences (actually does a single one remain?) when they completely caved in to the deranged leftists, feminists, and sexual perverts that have been infesting IT and Open Sores more or less in-crescendo for the past 10 years or so
since 32c3 or so it became obvious to anyone that technical topics were no longer the focus, with openings/closing keynotes strongly biased toward left-wing political bs such as climate alarmism, muh rapefugees, the behaviour-policing co-option of open sores projects and associated communities, etc. and even full presentations explicitly dedicated to feminist or neo-marxist propaganda
CCC is long dead, there should be no surprises that its corpse continues to decompose

but apart from all that evil, i have to laugh when i read that vc was beaten by some wymen. i hope he gets his lawyers to thoroughly fuck them in the ass but he still should have fought them back, or was he attacked by men too? how large was the mob

(23.99 KB 554x272 ltc.jpg)
telegram bots Anonymous 07/12/2020 (Sun) 16:44:54 [Preview] No. 14259 [Reply] [Last 50 Posts]
telegram bots paying in LTC attached proof.

CaptainBlackbeard Radio Anonymous 07/08/2020 (Wed) 02:11:29 [Preview] No. 357 [Reply] [Last 50 Posts]
Saw this over on GlowInfinity's and fell in love. Reposting as requested.

-.-. .-.. - … . / . -. -.-. - ..- -. - . .-. … / - ..-. / - …. . / -.-. .- .. - .- .. -. -… .-.. .- -.-. -.- -… . .- .-. -.. / -.- .. -. -..

Close Encounters of the CaptainBlackbeard Kind



Venturing Across The Dark Seas And Beyond…

Braving Dark Seas Storms and South Seas Pandemics

CaptainBlackbeard Radio returns with the finest sounds around from the Underground!

Message too long. Click here to view full text.

Anonymous 07/08/2020 (Wed) 02:12:44 [Preview] No.358 del

Hash: SHA512

Ahoy mates!

Ye can find the transmission of Close Encounters of the CaptainBlackbeard Kind here!

(Press the download button to download the .mp3 for the safest way to listen. Ye can also stream the .mp3 if ye set yer TOR Broswer's setting to Standard Safety in yer preferences or listen on a JS-enabled browser. But this be not the most op-sec tight way to listen

CaptainBlackbeard strongly advises against downloading anything from the Dark Seas for any reason. But mp3s be relatively harmless and will corrupt if anything nefarious be within them.)

Message too long. Click here to view full text.

Anonymous 07/08/2020 (Wed) 02:14:01 [Preview] No.359 del
CaptainBlackbeard Saves America:

The Italian Stallion Of The Dark Seas


Bell Time: July, 4th 2020

Location: Versus Market Forum

Main Event: Apollo Creed (C) Vs. Rocky Balboa for the World Heavyweight Title

Join us for the first Super Fight in Dark Seas History as the greatest heavyweight champion boxer of our times Apollo Creed (47-0) takes on underdog club fighter Rocky Balboa (42-20) in a once in a lifetime shot at the greatest championship in the world!

Music Before The Main Event

Beastie Boys

Message too long. Click here to view full text.

Anonymous 07/08/2020 (Wed) 02:14:53 [Preview] No.360 del
Ahoy Mates!

CaptainBlackbeard Radio returns on Americas Birthday with our most high energy audio release yet! Join yer host First Mate Harry Stash as we take ye on a psychedelic audio journey through the Dark Seas!

This is a feature motion picture length three hour episode generously sponsored by Versus Market the top futuristic Dark Seas Market for all your Dark Market needs! This is the first professionally produced and sponsored broadcast in Dark Seas history!

Please Upboat For Visibility

In This Episode

- CaptainBlackbeard Saves America over the July 4th weekend

- Find out who really killed Tupac Shakur and what happened that night

- Can the town survive hippies?

- CaptainBlackbeard Global News

Message too long. Click here to view full text.

Anonymous 07/08/2020 (Wed) 02:15:20 [Preview] No.361 del

Hash: SHA512

This is the official release of the 74kbps release of CaptainBlackbeard Saves America: The Italian Stallion of the Dark Seas.




Message too long. Click here to view full text.

Definitions and Threat Models Endwall 07/05/2020 (Sun) 20:46:22 [Preview] No. 1548 [Reply] [Last 50 Posts]
Definitions and Threat Models

In this thread we discuss the definitions of Privacy, Security, Anonymity. We also create and describe common threat models that chan users might face.

Who is the enemy? What tools do they potentially have? What could they do to you? How do you mitigate these threats and potential harms?
Edited last time by Endwall on 07/05/2020 (Sun) 21:15:21.

Endwall 07/05/2020 (Sun) 21:07:06 [Preview] No.1549 del
I'm going to provide my definitions without referencing any material. This is in a personal computing context:

Privacy: What I do on my local computer only I know, the files I read from my local hard disk, the computational operations that I perform, the text files I create, the commands that I input are known only to me (the user). These operations, inputs by keyboard and outputs to my screen / monitor are known only to the user, only I know what files I observed, how I interacted with them, edited them or saved them, and what commands I inputted to the keyboard to perform these actions. Local files and operations on the personal computer are known only to the current user, and are ephemeral and gone once the computer is power cycled, unless I specifically made a log of the actions and stored it to disk intentionally.

Security: Unauthorized users, programs, or processes are not able to access read, write or modify, or know the contents of files or operations performed on the personal computer. Remote computer users can not access, retrieve, files or memory from my personal computer unless I have set up a server to do so and only within the context of the files being served. Other persons with physical access to my computing device can not operate, or retrieve files or information from the device without authorization.

Anonymity: Actions performed in public whether observed or unobserved, are either unnoticed, noticed but unreported, or noticed and reported but it is not possible to attribute the public actions to the source actor either due to lack of observable evidence, or the computational complexity. Public here means remote computers that my personal computer connects to via internet routing technologies. Public access from my computer to another computer system hosting files or serving files and content via the internet. Actions could include retrieving files, modifying files, or reading and posting text to a remote server by way of programs running on my personal computer.

People accusing each other of not grasping the separation or overlap of these concepts is perennial (comes up often). So I figured this should be sorted out in it's own thread. Post any additional definitions or links to proper definitions below.

Endwall 07/05/2020 (Sun) 21:59:54 [Preview] No.1550 del
Related concepts

Privacy: clean computing, no malware, no keylogging, no system logging. No shoulder surfing. No cameras in your room. No microphones in your room. No screen captures. No position tracking. Public Key Cryptography for messaging (RSA).

Security: Strong passwords, username/password access authentication, file permissions, Strong Encryption, Encrypted file systems, Encrypted files and folders. Firewalls, Access Control. Physical locks on your room, front door, windows, bars on the windows, physical key lock on the computer.

Anonymity: Face masks, hoodies, wigs and sunglasses, motor cycle helmets, black track suits, camouflage. Tor, I2P, Proxies. Typewriters, cork bulletin boards with tacks and push tacks, No cameras, no voice recognition, no facial recognition. Dead drops of floppy disks and USB sticks, SD cards. Sneaker nets. Voice modulation/ modification dsp technologies, talking like Batman etc. Text to speech...etc.

I feel that personal computing privacy is the root of the other two concepts. If there is a key logger or other related malware on your system (screen shot grabbers etc), your passwords are not secure (system and encryption), your actions and intentions are known, and your "Anonymous" discussions online through IM and message board posting, and potentially offline (dead dropping your manifesto that you typed on your computer) are also observable.

Post more below

Endwall 07/06/2020 (Mon) 00:37:34 [Preview] No.1551 del

Privacy: When I'm in my house I draw the blinds on my windows, and I can go into my shower, strip my clothes and shower naked, nobody can see what I'm doing except for me. My walls form a visual privacy barrier, the running water masks the sound of my humming and whistling. (Thermal imaging cameras can defeat this form of privacy).

Security: While I'm showering upstairs a delivery man comes to the door with a parcel, he rings the doorbell, and nobody answers, from this he infers that there isn't anyone inside, and he tries the door handle to open the door. It's locked with 2 deadbolts, so it doesn't open. There are no open windows, and the windows are all barred up with security bars. (Brute force or lock picking can defeat this form of security).

Anonymity: After finishing my shower, I open the front door and take the parcel in, and open the exterior, inside is a note with an address and some instructions, and another parcel. I put on a wig with a fake mustache and beard, sunglasses and a hoodie. I put on a black track suit and a motorcycle helmet, and go outside to my motorcycle and then I change the license plate to another stolen license plate belonging to another motorcycle owner that I stole earlier that day (borrowed). My motorcycle is the most common manufactured brand, model, and color averaged over the last 10 years. I proceed to drive at the speed limit to arrive at a house address mentioned in the note, to deliver the parcel that was placed at my front door by the delivery man. I place it at his front door in a special lock box, and then I drive home. Unless I was followed, hopefully the entire transaction was anonymous. (defeated by being tailed, traced, tracked, or by camera surveillance network).

Regular anonymity for most people, means walking out your front door with no face masking apparatus, jumping in your car (with your license plate), going to the store, buying milk, being on camera, paying with a credit card, and driving home. But nobody cares, since everyone needs food right? You are just one of many food eaters, not very unusual, so it goes unnoticed / unreported. (What most people think the internet is like...until you find out your were very wrong and uninformed about the danger...).

VPN/proxy/TOR general thread Anonymous 04/15/2016 (Fri) 22:12:39 [Preview] No. 2 [Reply] [Last 50 Posts]
Cool board idea.

What's the safest possible way to browse the internet anonymously and safely? There's a thread on /tech/ with the endwall developer talking about proxychains, and that seems pretty cool. Some of the links to proxy lists seem dead, and I have found some online but why should I trust these random 'free' proxies?

What about proxychains over VPN? I'm currently using Mullvad which is alright, and I'm curious about more security if need be. Does a VPN -> proxychain -> TOR connection work? Sounds horribly slow in theory, but I think we all know that privacy comes at a cost in our current world.

I suppose I could call this a 'VPN/proxy/TOR general thread.'
83 posts and 5 images omitted.

Anonymous 06/27/2020 (Sat) 12:19:10 [Preview] No.1542 del
>says there are around 200 proceses working in the background. That's 198 too many.
I know. Stuff like watchdog and all kinds of daemons running wild.the biggest load of crap is telling people systemd is all you got to look out for. First of all javascript but only systemd is not true. That's why I like your approach.

Endwall 06/27/2020 (Sat) 20:15:07 [Preview] No.1543 del
Use Digital Research DR DOS if you don't like Microsoft. I have retail copies of MS DOS 5.0 on 5.25" floppies from 1991, and MS DOS 6.22 on 3.5" floppies retail from 1994. NSA\CIA\FBI etc don't have a time machine and can't time travel and insert malware into the base system retroactively.

DOS is a Single Tasking 16 bit Operating System programmed in x86 assembly; only 1 process on the top of the stack at a time. No keyloggers, runs in 384 KB of memory.

You'll have to audit 2-3 pieces of software ( a driver for a 3com or Intel NIC, and links 2 browser ) and compile using Borland Turbo C, or get a GCC compiler for DOS.

Get a 486, or 386 with 16MB RAM install DR DOS or MS DOS, a NIC, a packet driver and the binary for Links, or compile it your self, set it to route through port 9050 on your tor router (running on Linux/UNIX). With that you'll be free to post whatever you want, nobody will know what you're doing on your computer, and if tor (or whatever comes next) works properly, then you'll be anonymous.

Free to read what you want from the internet, and post what you want to the internet.

>But but it's not FREE software,
> It's not GNU.
Precisely, I don't get copyright (legal) freedom, but I get actual (physical) freedom in the real world.
> But you could download an exploit; your system isn't secure.

Don't download and run anything from the internet on the DOS computer if you want it to remain with integrity. Just text reading and posting. Use it as a communications tool. Build a different computer for DOS gaming or use DOS Box on Linux/UNIX.

Message too long. Click here to view full text.

Edited last time by Endwall on 07/04/2020 (Sat) 23:37:49.

Endwall 06/28/2020 (Sun) 06:06:55 [Preview] No.1546 del
The ultimate step is to build an 8-bit computer with a soldering iron (RC2014), launch a browser in a community audited version of CP/M, connect by socks 5 proxy to a unix computer running tor with 12-15 hops, and use a text browser for the web and and irc client in text mode. Proxy out to Tor or I2P or whatever the next super duper anonymity router is. In the mean time do this with DOS. This won't be a solution for the everyman or for the newbie, but it will be a solution for the serious thinking man.

Endwall 06/28/2020 (Sun) 06:16:36 [Preview] No.1547 del
Anything you can do to isolate the tor daemon from the system or its running processes will help. I'm running it as a user with a custom torrc. If you can first run firejail or bubble wrap, or chroot it and get the tor daemon to still function it might help. I consider the linux/unix environment potentially hostile to the user and a potential source of packet inspection. Basically linux can be used to keylog the users and destroy the anonimity factor in real time or in post analysis. If there is key logging with an output beacon on your machine, you don't have privacy, and Tor Browser isn't going to help you with anonymity. If there is malware that can mess with the tor daemon as it's running, then it might be wise to try to isolate the process, so yeah probably a good idea. I'll try running it with firejail it probably won't work. If you get a setup like that and find it beneficial, please post the steps and instructions here. Thanks.

please do not come to nanochan Anonymous 06/06/2020 (Sat) 01:08:08 [Preview] No. 14237 [Reply] [Last 50 Posts]
>hurr durr js bad
>yet somehow does not have any problem with this horseshit where if JS is off and you press post and it opens a new page to fill out a captcha which if you fail you have to go back and hit refresh
>hurr durr js bad
>yet somehow does not have any problem with what happens when you disable JS on 8gag: the post button opens a download dialog to get a text file saying "please go to to fill out a captcha"
<hurr durr thats only 8kun
>it was like that on 8gag since the beginning
>8cuck has also pointlessly required referer [sic] header, which is the sole reason (((googzilla))) waited until 2020 to deprecate it
>instead of proper style everyone and their dog has been able to get right since the 90's: having a captcha right under the post field
>also requires cookies whereas above would only need a cookie if you want to post twice with the same ephemeral session

Anonymous 06/06/2020 (Sat) 07:04:17 [Preview] No.14238 del
(1.84 MB 500x407 1568785826730.gif)
Javascript doesn't exist in any web browser I'm willing to use (Lynx, Links, w3m) and even if there was an option to build them with it, I wouldn't. JS is for lamers.

Anonymous 06/08/2020 (Mon) 18:00:30 [Preview] No.14243 del
Small compromises are what make everything fall apart.

(20.22 KB 386x405 guix.jpg)
GUIX Anonymous 04/22/2020 (Wed) 19:31:24 [Preview] No. 14098 [Reply] [Last 50 Posts]
BO has given up on life so it doesn't matter if this is a shit thread.

I want to install GUIX with HURD, the real deal GNU system, on a macbook A1181 I am fixing up.

Any advice? Anyone tried it?
13 posts and 1 image omitted.

Anonymous 05/16/2020 (Sat) 08:41:22 [Preview] No.14154 del
Welp, I'm really scratching my head on this one.

1) The Mac gives me "Select CD-ROM Boot Type" error and while I keep reading 'lol, just hold 1 and press enter at the exact right time bro' I can't seem to press return at the correct time, the 1 bit works because it shows as the selection so at least in theory it should work. Will probably try this a hundred more times.
2) I can't seem to make a bootable usb from the guix iso, so installing on another system and just inserting the drive is a no. UNetbootin is normally a sure win but I'm getting nowhere.

I am using Trisquel currently. It actually stalls for like 3-5 minutes every time I shutdown whilst it waits for all the systemd networking to hang itself. Not a comfy OS at all. Thankfully they switched to MATE though, because current GNOME is a fucking joke.

Anonymous 05/16/2020 (Sat) 22:59:56 [Preview] No.14155 del
Maybe some of the dependencies didn't get loaded when you were installing

Or you forgot to install some of the dependencies when you were starting

Anonymous 05/18/2020 (Mon) 06:35:27 [Preview] No.14165 del
Nah, it's a fairly common bug with no solutions. Besides, I hope to be transferring to the mac with guix and repurposing my desktop as an HTPC.

OP Anonymous 05/21/2020 (Thu) 06:31:56 [Preview] No.14173 del
I'm at a stand still currently. The Mac must be in worse shape than I thought. I tried just using my current drive which is efi but no good. So I thought of trying a Mac osx install DVD, no good, still gives the bug. Basically, unless I can figure a way around this fucking bug, this thing is never going to boot anything.

Does anyone happen to know, is there anything different or special about the efi a Mac needs versus PC? I don't think so myself so I'm wondering if there is a problem with the drive cable in the Mac.
My other option is libreboot which would solve the disc bug but I need a r-pi or something to flash the board.

Anonymous 06/08/2020 (Mon) 12:30:18 [Preview] No.14242 del
Any progress OP?

(40.68 KB 654x465 cloudflare_is_gimp.jpg)
Anonymous 05/27/2020 (Wed) 20:22:54 [Preview] No. 14207 [Reply] [Last 50 Posts]
Cloudflare can't handle the bantz.
2 posts and 2 images omitted.

Anonymous 05/28/2020 (Thu) 01:36:20 [Preview] No.14211 del

Anonymous 05/30/2020 (Sat) 06:49:49 [Preview] No.14216 del
let this be a cuckflare hate thread.
oh boi, i hate em.

Anonymous 05/30/2020 (Sat) 10:02:30 [Preview] No.14217 del
yer lul fukkin cloudflare more like cloudfag! wutevah yuh do, no talk about the space thing or post enny spaxe shit

Anonymous 06/03/2020 (Wed) 14:45:42 [Preview] No.14230 del
my bruddah homiez feel like under the knee, when sites go fulla cloudcuck. cloudcucks can shove their warp shiet up their pinky cia asses. no homie would even touch their shiet.

Anonymous 06/06/2020 (Sat) 01:06:44 [Preview] No.14236 del
(428.49 KB 1913x1080 cuckflare.png)
cucked again

NordVPN on OpenWrt 19.07.2 using LuCI web interface Anonymous 06/03/2020 (Wed) 15:01:02 [Preview] No. 14231 [Reply] [Last 50 Posts]
NordVPN on

OpenWrt 19.07.2
using LuCI web interface

router needs about 7mb flash storage to hold default install with LuCI and additional packages

login to router via web interface.

systems > software
"Update lists..." button

"install" button next to
openvpn-openssl then "Install" button in popup window
ip-full then "Install" button in popup window
luci-app-openvpn then check "Overwrite files from other package(s)" in popupwindow then "install" button.

Message too long. Click here to view full text.

Darkweb Exposed Anonymous 06/01/2020 (Mon) 16:32:50 [Preview] No. 14221 [Reply] [Last 50 Posts]
"Leaked data contains email addresses, site admin passwords, and .onion domain private keys."


Anonymous 06/01/2020 (Mon) 16:54:49 [Preview] No.14222 del
Apparently some of the people impacted are regulars on CoronaChan

Anonymous 06/02/2020 (Tue) 21:50:14 [Preview] No.14224 del
onion site OR create an account
NOT both

Anonymous 06/03/2020 (Wed) 14:38:43 [Preview] No.14229 del
wut? explain?

so anonimuos haxor nuked DH server cause of da cp, or any other reason? why not nuke fb or insta. those folks got plenty of stuuff.

(232.56 KB 1803x1432 EYN50SbX0AEbnCG.jpg)
Consumer Shit General Anonymous 05/23/2020 (Sat) 03:01:43 [Preview] No. 14188 [Reply] [Last 50 Posts]
Has anyone bought pic related or something similar? What kind of performance can you get out of it? I guess thermal dissipation will be the biggest bottleneck. Thinking of something like this with a wireless keyboard and mouse for the TV.
1 post and 1 image omitted.

Anonymous 05/23/2020 (Sat) 03:29:28 [Preview] No.14190 del
(312.58 KB 800x500 TS-963x.png)
Pic related doesn't do SFP+, just 10GBase-T.
Anyone know of any 10GbE SFP HDD/SSD NAS units? Preferably not rack-mounted

Anonymous 05/23/2020 (Sat) 03:40:32 [Preview] No.14191 del
(103.16 KB 908x517 NFS_wireshark.jpg)
A quick note to readers of 'high-speed' network attached storage providers. You're probably (hopefully) using NFS to export your file systems to remote hosts. Plz take the time to understand how NFS works over the network and what the constraints are. This (NFS) extends to include the behaviors of TCP/UDP too!

A few milli or nano seconds of latency may seem insignificant but when you're working with large volumes of sequential read/writes they start to add up!

Anonymous 05/23/2020 (Sat) 03:51:23 [Preview] No.14192 del
Checkout my current SICK NAS featuring a single-core 1.8GHz Atom and 1GB of DDR2 memory. 10TB of 6-disk RADI10 capacity lmao

Anonymous 05/27/2020 (Wed) 19:16:39 [Preview] No.14206 del
yes I have the biggest wiggliest dongles.

Anonymous 05/30/2020 (Sat) 06:37:53 [Preview] No.14214 del
wow anon. I can only dream of making such a beautiful PC in a box